You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Register a free account to unlock additional features at BleepingComputer.com

Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

My computer is affected with AV guard online. It keeps directing every time a web page is opened and will not let any kind of malware removal program run. It swiftly closes all malware removal programs for eg(Malware anti-byte's antimalware). I ran it but it suddenly crashed. I am currently in windows safe-mode and it didnt let me run malware anti-byte's antimalware of even GMER. The instruction in bleeping computer was to run GMER and provide ark.txt file but when I ran GMER.exe it suddenly crashed. I am not sure how to get rid of this AV guard online.

* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

Double click on ComboFix.exe & follow the prompts.

As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.Notes:1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.

I did as instructed and ran combofix. It downloaded MS windows recovery console and said is scanning for malware. I got a message window that said you have been infected with a serious rootkit.zeroaccess at TCP/IP core so you need to reboot. It also said that ' computer will automatically reboot and please don't manually reboot'. Further,it said if you are not able to connect to internet after re-boot please run combofix again. But in your original post you had asked not to re-run combofix. I clicked ok for re-boot but didn't want to risk anymore so I shut down my computer and wanted to report what happened before I do anything else. I am typing this reply from my friend's computer as I didnt want to re-start and screw up again. Can you please help me? Am I doing anything wrong or what should I do now.

If an update is found, it will download and install the latest version.

Once the program has loaded, select "Perform Quick Scan", then click Scan.

The scan may take some time to finish, so please be patient.

When the scan is complete, click OK, then Show Results to view the results.

Make sure that everything is checked, and clickRemove Selected. <-- very important

When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)

The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.

Copy&Paste the entire report in your next reply.

Extra Note:If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.

Please find below the log report of latest combofix. My computer now seems to be ok and I dont' get the AV guard online any more but I am not still sure if it won't come back. Can you tell from the log if it is gone for good and also what should I do to not get these kind of malware anymore.

Please find below the combofix report. I don't use a router instead I use a cable modem and vonage device. There was no reset button on my cable modem so I unplugged it for 10 sec and hit the reset button the vonage device. Do you still see any issues from the log below? Thanks again for your help and time.